Online course on the protection of personal data in accordance with the General Data Protection Regulation. The course is delivered by certified information privacy specialists.
- Full day or half-daytraining on Zoom.
- Training for individuals and businesses.
- DPP Certificate for each participant based on test results.
- € 850
Description
GDPR DPP course is designed for those who want to be qualified as professionals in the data privacy sphere. Participants who complete the course and successfully pass tests will receive a Data Privacy Professional Certificate (DPP), which can be of value when applying for privacy-related positions.
Course methodology
This course is highly interactive and involves group discussions, practical exercises, and case studies based on actual events, completed with course materials (diagrams, documents, flowcharts, and templates).
01
Define categories of personal data.
02
Navigate data protection laws and regulations.
03
Apply data protection principles to processing activities.
04
Fulfill rights of data subjects.
05
Determine the lawful basis for processing activities.
06
Allocate the roles and responsibilities of data processing.
07
Handle data breach notifications.
08
Choose appropriate technical and organizational measures of information security.
09
Use proper mechanisms for cross-border transfers of personal data.
Target audience
01.
Сompliance officers and lawyers
02.
Information security officers
03.
Managers
04.
Software developers
05.
Human resource managers
06.
Database administrators
07.
Incident
managers
08.
Support
specialists
This course is also suitable for Data Protection Officers who seek to become certified or update their knowledge with the latest laws.
Target competencies
Anyone who works with personal data must ensure compliance with data protection laws and international regulations. The course guarantees that candidates are familiar with data protection terminology and privacy concepts and capable of applying them in practice.
Data Protection
Compliance
Information Security
Policy Creation
Management
HR and Recruitment
Schedule
Program
- Concepts of privacy, data privacy, data protection. Types of privacy.
- History of data privacy
- Taxonomy of privacy by Daniel Solove
- Social implications of data privacy
- Overview of evolution of privacy laws
- Review of existing data privacy laws, standards and regulations
- Сases, court precedents, guidelines in information privacy
- The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data №108
- Directive 96/46
- Overview of present regulatory framework of data protection in EU (GDPR+)
- History of EU General Data Protection Regulation (GDPR)
- Territorial and material scope of GDPR
- Structure of GDPR text (recitals, business related articles etc)
- Overview GDPR related acts
- National data privacy legislation
- Legal precedents
- Guidelines and opinions of Article 29 Working Group (Art29WP) / European Data Protection Board (EDPB)
- Guidelines of national supervisory authorities (SAs)
- Overview of risks, fines, responsibilities related to personal data processing
- Mapping of the Belarusian, Ukrainian and Russian data protection laws to the rules applicable in EU.
- The concepts of personal data (PD), identifier, data subject
- Formula of Persomal Data “(id-x)+info”
- Cases of (non-)personal data
- Biometric data
- The concepts of personal data (PD), identifier, data subject
- Formula of Persomal Data “(id-x)+info”
- Cases of (non-)personal data
- Biometric data
- Transparency of processing
- Purpose limitation
- Data minimisation
- Storage limitation
- Accuracy
- Integrity and confidentiality
- Accountability
- The 7 foundational principles of privacy by design by Ann Cavoukian
- Privacy by Default
- Privacy embedded into design
- Full functionality – positive-sum
- End-to-End Security – Lifecycle Protection
- Consent
- Conditions for consent
- Getting consent in UX
- Contract
- Legal obligation
- Vital interest
- Public interest
- Legitimate interest
- Balancing test of Legitimate Interest Assessment (LIA)
- Modalities for exercise of the rights of the data subject
- Right to information about processing
- Right to access personal data
- Right to rectification
- Right to restriction of processing
- Right to be forgotten
- Right to data portability
- Right to object
- Right to not be subject of automated decision-making
- Data subject’ rights restriction
- Case “Nightmare letter from data subject”
- Check-box approach vs risk based approach
- Concept of risk
- Risk likelihood and severity
- GDPR terminology related to risks (high risk, likely etc)
- Data Protection Impact Assessment (DPIA) requirement under GDPR
- When DPIA is mandatory
- BIA (Business Impact Assessment) or SIA (Security Impact Assessment) as triggers for DPIA
- General approach to conduct DPIA
- Describing processing operations, personal data and supporting assets
- Legal and risk-treatment controls
- Risk sources, feared events, threats and risks
- Tools for Data Protection Impact Assessment
- GDPR requirements to information security
- Data breach notification of supervisory authorities and data subjects
- Technical and organisational measures of managing information security risks
- Overview of GDPR rules on cross-border data flow
- Documenting international transfers of personal data
- Data Processing Agreement
- Binding Corporate Rules
- Standard Contractual Clauses
- Codes of conduct and certifications
- Derogations relating to cross-border data transfers for specific situations
- Representative in EU
- Data Protection Officer / DPO
